Performing JavaScript Static Analysis by Lewis Ardern

preview_player
Показать описание
Abstract:

Performing JavaScript Static Analysis!

JavaScript is everywhere, in our browsers, on our servers, and even runs our databases. Blackbox testing is all well and good, but to be able to understand issues, you need to look under the hood and look at the code. This talk will give a high-level overview on how to perform static analysis against JavaScript in a manual and automated fashion, with the emphasis on:

• Common review methods
• Common security issues
• Strongly typed JavaScript and Transpiling
• Tools and Linters
• Customizing Tools and Linters

Bio:

  1. BSides Leeds
Рекомендации по теме
Performing JavaScript Static 0:57:48

Performing JavaScript Static Analysis by Lewis Ardern

JavaScript Static Analysis 0:09:17

JavaScript Static Analysis - Using Flow

JavaScript Static Analysis 0:04:09

JavaScript Static Analysis - VS Code with JSDoc

JavaScript Static Analysis 0:08:29

JavaScript Static Analysis - Using TypeScript

04 Static Javascript 0:06:20

04 Static Javascript Analysis using BurpSuite

Static Analysis of 0:02:39

Static Analysis of Local JavaScript Files with jsluice

Inian Parameshwaran: Performing 0:21:49

Inian Parameshwaran: Performing Dynamic Analysis Of JS Apps - JSConf.Asia 2018

JavaScript Static Analysis 0:08:44

JavaScript Static Analysis - Linting with JSLint, JSHint, and ESLint

Value Partitioning: A 0:15:59

Value Partitioning: A Lightweight Approach to Relational Static Analysis for JavaScript

[OOPSLA] Static Analysis 0:18:56

[OOPSLA] Static Analysis of Event-Driven Node.js JavaScript Applications

Javascript Code Analysis 0:48:48

Javascript Code Analysis with Esprima

Plato.js -- JavaScript 0:13:56

Plato.js -- JavaScript Static Source Code Analysis Tool

JavaScript Testing and 0:46:26

JavaScript Testing and Static Type Systems at Scale - @Scale 2014 - Web

Black Hat USA 1:00:12

Black Hat USA 2013 - Javascript Static Security Analysis made easy with JSPrime

TMPA-2019: Static Taint 0:18:28

TMPA-2019: Static Taint Analysis for JavaScript Programs

Static Performance Analysis 0:04:06

Static Performance Analysis by Infer in VSCode

Static Analysis and 0:23:37

Static Analysis and Source Code Manipulation in TypeScript

Static analyzer for 0:30:02

Static analyzer for Dart or how to scan new JavaScript // Dmitry Desytkov Grisha Streltsov

DAST - Javascript 0:08:25

DAST - Javascript Dynamic Analysis

JSWhiz -- Static 0:25:44

JSWhiz -- Static Analysis for JavaScript Memory Leaks

Static analysis for 0:22:01

Static analysis for code and infrastructure​

Dynamic Code Analysis 0:24:48

Dynamic Code Analysis for JavaScript - Ariya Hidayat

JavaScript based Static 0:12:19

JavaScript based Static Code Analysis Tools comparison

BlackHat 2013 - 1:00:12

BlackHat 2013 - Javascript Static Security Analysis, made easy with JS Prime

Комментарии
Автор

09:03 covered today 10:03 dynamic execution of javascript, eval, setTimeout, DOMXSS 14:24 SOP, postMessage 23:28 Static Analysis, AST 43:17 ESLint

domaincontroller
welcome to shbcf.ru